• Audit
• Authorizations
• GRC Services
• Identity & Access Management
• Day-to-Day Support
• Trainings

GRC Services

Drive Business Predictability with confidence.

Today’s business climate is complex and increasingly difficult to predict. Stakes are rising in a global market in which competition is fierce and brand loyalty is fickle. Across all industries, companies are grappling with high expectations and margin pressures. At the same time, businesses are facing a great number of legal, regulatory and business partner mandates. Looking ahead, you can expect more of the same.
Therefore the question is: given today’s highly regulated environment, how can you control risk, effectively manage drive performance, and ultimately inspire greater confidence?
An old management axiom says:  “You can’t manage what you don’t measure”

(© SAP AG)

An integrated approach to managing Governance, Risk and Compliance!

SAP® helps organizations to build an integrated GRC approach on the basis of a step-by-step approach. SAP® solutions for governance, risk and compliance help you leverage your SAP®  IT investments, and deliver the following business benefits:

• increased value. Good corporate governance is reflected in many intangibles, including brand and reputation.
• optimized risk / return portfolios. Greater transparency and insight enables your decision makers to select or reject projects based on risk impact and probability relative to potential return.
• reduced costs. Your GRC project will significantly reduce the number of people – and time – required to ensure and manage compliance and risk management.
• improved business performance and predictability. SAP solutions for governance, risk and compliance deliver enterprise wide transparency, a systematic process for anticipating risks and the tools to proactively determine proper actions.
• business sustainability., Businesses can more effectively mitigate risks stemming from myriads of legislations when using solutions delivered through automation, analytics, and alerts.
• business agility. Your organization can identify and assess alternative scenarios – and can gain greater business agility and competitive differentiation.

(© SAP AG)

axl & trax is SAP Silver Level Expertise GRC Partner

In 2008 axl & trax will focus on the SAP GRC Access Controls applications. The applications SAP GRC Risk Management and SAP GRC Process Controls will follow soon.

SAP GRC Access Controls Solution consists of the following modules:

• Risk Identification & Remediation. Rapid, cost-effective and comprehensive initial clean-up.
• Enterprise Role Management. Enforce SoD compliance at design time. An application that allows role owners to document role definition, perform automated risk assessments, track change control, and facilitate maintenance.
• Compliant User Provisioning. Prevent SoD violations at run time. A Web-based application that enables compliant provisioning by automating the user access request and approval process with embedded risk analysis
• Superuser Privilege Management. Close ##1 audit issue with temporary emergency access. A superuser tool that allows emergency access in tandem with authorization, data, and access restrictions, along with an audit trail.
• Periodic Access Review and Audit. Focus on remaining challenges during recurring audits.
• Cross-enterprise library of best practice segregation of duties rules.

What is the Added value of axl & trax?

Our GRC Consultants have a solid experience in Business Administration and IT, especially regarding Risk Assessment, Authorization Architectures, Business Control Frameworks, Architectural Security Services, and, Tracking Methodologies. They can assist you during all the different phases of your project. Even better, with the axl & trax methodology and tools, costs will be cut dramatically during the sprint phase, reducing the man/days and the project’s elapsed time! axl & trax also guides you during the “stay clean” phase to put all in place at “state-of-the-art” level.

SOX Compliance Services

One of the most renowned compliance issues of recent years is beyond any doubt the Sarbanes-Oxley Act (SOX compliance). To achieve compliance in the SAP authorizations area, all internal control principles need to be applied to your authorizations setup. In order to meet your control objectives, efficiently designed and effectively operating controls have to be in place, on process level, but also on Segregation of Duties level.

axl & trax can accompany you through all the steps required to close your control gaps and reach compliance:

• Verification that the conceptual part of the authorizations contains no SOD conflicts,
• Resolution of SOD conflicts at Composite Role level (Business Function level),
• Design of compensating controls in case SOD issues cannot be solved through organizational changes, 
• Optimization of existing controls: transferring manual controls to automated ones, detective controls to preventive ones wherever possible, thus transferring the workload required for control activities from business people to the system, 
• Reporting of gaps identified by the controls, allowing proper monitoring by management.

axl & trax will take all the necessary actions to guarantee a higher level of confidence in the controls of each of your processes.
To fulfil your needs, our services range from supportive reporting cycles that allow self remediation, up to full remediation support. From isolated interventions to complex SAP® turnkey projects.